Fixes App Inspector Rules (#371)

src/oss-detect-backdoor/Resources/BackdoorRules/code_execution.json

@@ -50,7 +50,7 @@
     "tags": [
       "Security.Backdoor.Setup.WebRequest"
     ],
-    "applies_to": [ "setup.py" ],
+    "applies_to_file_regex": [ "setup.py" ],
     "severity": "important",
     "patterns": [
       {

src/oss-detect-backdoor/Resources/BackdoorRules/dependency_confusion.json

@@ -62,7 +62,7 @@
     "severity": "critical",
     "patterns": [
       {
-        "pattern": "resolve4\\((.*+){2}.*",
+        "pattern": "resolve4\\((.+){2}.*",
         "type": "regex",
         "scopes": [ "code" ],
         "modifiers": [ "i" ],

src/oss-detect-cryptography/DetectCryptographyTool.cs

@@ -382,6 +382,31 @@ private string NormalizeFileContent(string filename, byte[] buffer)
             return bufferString;
         }
 
+        public RuleSet GetEmbeddedRules()
+        {
+            RuleSet rules = new RuleSet(null);
+
+            Assembly? assembly = Assembly.GetExecutingAssembly();
+            foreach (string? resourceName in assembly.GetManifestResourceNames())
+            {
+                if (resourceName.EndsWith(".json"))
+                {
+                    try
+                    {
+                        Stream? stream = assembly.GetManifestResourceStream(resourceName);
+                        using StreamReader? resourceStream = new StreamReader(stream ?? new MemoryStream());
+                        rules.AddString(resourceStream.ReadToEnd(), resourceName);
+                    }
+                    catch (Exception ex)
+                    {
+                        Logger.Warn(ex, "Error loading {0}: {1}", resourceName, ex.Message);
+                    }
+                }
+            }
+
+            return rules;
+        }
+
         /// <summary>
         /// Analyzes a directory of files.
         /// </summary>
@@ -393,32 +418,16 @@ public async Task<List<IssueRecord>> AnalyzeDirectory(string directory)
 
             List<IssueRecord>? analysisResults = new List<IssueRecord>();
 
-            RuleSet rules = new RuleSet(null);
-            if (Options["disable-default-rules"] is bool disableDefaultRules && !disableDefaultRules)
+            RuleSet rules = new RuleSet();
+            if (Options["disable-default-rules"] is false)
             {
-                Assembly? assembly = Assembly.GetExecutingAssembly();
-                foreach (string? resourceName in assembly.GetManifestResourceNames())
-                {
-                    if (resourceName.EndsWith(".json"))
-                    {
-                        try
-                        {
-                            Stream? stream = assembly.GetManifestResourceStream(resourceName);
-                            using StreamReader? resourceStream = new StreamReader(stream ?? new MemoryStream());
-                            rules.AddString(resourceStream.ReadToEnd(), resourceName);
-                        }
-                        catch (Exception ex)
-                        {
-                            Logger.Warn(ex, "Error loading {0}: {1}", resourceName, ex.Message);
-                        }
-                    }
-                }
-
-                // Add Appliation Inspector cryptography rules
-                assembly = typeof(AnalyzeCommand).Assembly;
+                rules.AddRange(GetEmbeddedRules());
+
+                // Add Application Inspector cryptography rules
+                var assembly = typeof(AnalyzeCommand).Assembly;
                 foreach (string? resourceName in assembly.GetManifestResourceNames())
                 {
-                    if (resourceName.EndsWith(".json"))
+                    if (resourceName.EndsWith(".json") && resourceName.Contains("cryptography"))
                     {
                         try
                         {